Training
Binary Reverse Engineering for Beginners
Saturday: 1000-1800
Binary reverse engineering is a critical skill in the
infosec world, from verifying crypto algorithms to finding and analyzing
vulnerabilities and writing exploits. This often requires a balance of
experience and intuition that only comes from practice. Our workshop will delve
into the dark art of disassembly and provide participants with the tools and
techniques required to practice it and develop the percieved ""sixth
sense"" that accompanies expert reverse engineers.
All examples in the workshop will be implemented in 32-bit
x86 assembly, and some experience programming in a high-level language is
assumed (preferably C/C++). Examples will be performed on the Linux operating
system, although many techniques will convey to any platform. It is also
assumed that participants understand the legal risks associated with reverse
engineering.
Participants should bring a laptop capable of running a Linux VM in VMware or VirtualBox. VMware and VirtualBox should be running the latest, updated versions. Relevant VMs will be distributed on the morning of the class with samples provided from a Google Drive.
(8 hour training)
Ben Demick
Ben Demick is a Senior Lead
Engineer at Booz Allen Hamilton with over 6 years of experience reversing
embedded systems and doing embedded development. He holds a B.S. in Electrical
Engineering and Physics from Clarkson University, an M.S. in Electrical and
Computer Engineering from Johns Hopkins University, and has been an instructor
with Booz Allen's internal software reverse engineering program for the last 3
years.
Allen Hazelton
Allen Hazelton is a Chief Engineer
at Booz Allen Hamilton and has 10 years of experience reverse engineering.
Since 2008, Mr. Hazelton has led Booz Allen’s internal reverse engineering
training program and has taught over 250 of his colleagues. Since 2009, Mr.
Hazelton has lectured at the A. James Clark School of Engineering at the
University of Maryland College Park where he teaches a 3 credit undergraduate
course in software reverse engineering for computer engineering and computer
science majors. Mr. Hazelton holds a B.S. in Computer Engineering from the
University of Maryland College Park and is CEH and CREA certified.
Michael Schroeder
Michael Schroeder is a Senior
Lead Engineer with Booz Allen Hamilton and has over 7 years of experience
reverse engineering embedded systems. He
holds a B.S. in Computer Engineering from the University of Maryland in College
Park, an M.S. in Electrical Engineering from Johns Hopkins University, and is
an instructor with Booz Allen's internal reverse engineering training program.
Building Blocks: An Introduction to Security Analysis
Saturday: 1000-1800
There’s a mantra often repeated in the sports world:
“Defense Wins Championships.” While there are no trophies to be won in
cybersecurity for having a champion-caliber defense; to help build a strong
defense it’s important to have a good, solid understanding of security
analysis.
This workshop is designed for security analysts with less
than three months' experience; or for those interested in a security career;
who wish to fully immerse themselves in a mock-up of a SOC (Security Operations
Center) environment and learn about various tools that are typically found in
said environment, how to use them in a monitoring situation, how to use digital
forensics when performing a security analysis, how to respond to a security
incident; and why having a security audit plan as part of a defensive strategy
is important.
Syllabus and additional details on this training course can be found at the following link. This includes suggestions for software to download prior to training. https://docs.google.com/document/d/1C8ykGzS-JVyxMx2YE6aIg6OttpbaCcebO7-iMfA1S-M/edit?usp=sharing
(8 hour training)
Kerry Hazelton
Alpha Geek. Gamer. Husband.
Father. Cybersecurity enthusiast. While all these terms accurately describe
Kerry, what motivates him the most is anything and everything involving
cybersecurity. Whether it’s a new exploit, tool, news article, or an
opportunity to learn or to share with others his experiences, he possesses and
maintains a strong passion and devotion to the industry.
Having been involved in IT since
1998, Kerry chose to narrow his area of expertise over five years ago and
sharpen his security skills by focusing on four key areas: digital forensics,
incident response, security analysis, and security auditing. He is currently
employed with DB Consulting Group, Inc. in Silver Spring, Maryland as a
Computer Security Specialist; his prior positions have included Security
Analyst and Remediation Security Specialist. Kerry is married to his wife of
thirteen years, and has one child. In his spare time, if he’s not spending time
with his wife; he’s either reading up on the latest trends in cybersecurity,
playing games, putting together puzzles with his son, or teaching his son the
art of hacking.
Fun with Network Packet Analysis!
Sunday: 1100-1600
This workshop is geared for audiences of all levels. We'll
start with the basics of traffic flow, i.e. OSI model and TCP/IP stack, and
from there dive into the fun part -- looking at custom PCAPs to examine various
security issues. We will end up with carving files from hex, which is easier
than you might think!
(4 hour training)
Marcelle Lee
Marcelle has a fancy bio and a
bunch of certs and degrees but none of that really matters for this workshop.
The only important thing is that she loves packet analysis and hopes you will
too!
Workshops and Groups
IoT Village
Sunday: 1000-1700
Organized by security consulting and research firm
Independent
Security Evaluators (ISE), The IoT Village™ delivers thought
leadership advocating for security advancements in Internet of Things (IoT)
devices. The village consists of workshops on hacking numerous off-the-shelf
devices (e.g. medical devices, home appliances, routers, and storage devices),
live educational talks and a variety of contests. The IoT Village's™ contests
are brought to you by SOHOpelessly Broken™, the first-ever router hacking
contest at DEF CON, which delivered 15 new 0-day vulnerabilities to the
research community.
Women’s Society of Cyberjutsu (WSC)
Saturday: 0900-1800
The Women’s Society of Cyberjutsu (WSC) is a 501(c)3 non-profit passionate about helping and empowering women to succeed in the Cybersecurity field.
We are a community of women supporting each other through every step of her career journey.
Whether you're transitioning to cybersecurity, just entering the field, or are a seasoned vet, our top-notch hands-on technical training and workshops provide the practical skills that translate into real world experience.
Hackers for Charity
Saturday and Sunday
Hackers for Charity (HFC) is a non-profit organization that leverages the skills of technologists. They solve technology challenges for various non-profits and provide food, equipment, job training and computer education to the world’s poorest citizens.
Unallocated Space
Sunday: 0900-1800
Unallocated Space (UAS) is an active hackerspace location in Anne Arundel County (Severn, MD) that supports the DC / Baltimore Metro Area. As an open technology-based community lab, we invite you to share your creativity!
Our mission is to foster our community to “Teach, Learn, Build”. Our 1600+ sqft space is minutes from BWI, between Baltimore and Washington DC. Equipped with a wide range of tools, UAS welcomes DIY tech enthusiasts of all skill levels and interests. Our space enables everyday people to share ideas and work on group and individual projects. Our facility has resources that support electronics (soldering, circuits), fabrication (wood, plastics, metal), and is fully wired/wireless network with a VM lab for network experiments. Our classroom can handle 20+ students and hosts courses in electrics, web development, programming and computer networking.
Our members offer a steady stream of free and public events, classes, activities, and anything that gets people building, making, and learning. We serve the community on 100% donated funds as a non-profit organization. For more information, visit unallocatedspace.org for upcoming events.
Contests
Point3 Cyber A3 CT
BSidesCharm is honored to bring one of the most advanced CTF
environments to our elite attendees in the region.
The “All Against All”, or Cyber A3, is a live-fire
exercise. Each team is provided the same
set of “mission critical” services. Each
of these services may have one or more flaws.
Teams must ensure their services have optimal update, while also
researching vulnerabilities, developing exploits for those vulnerabilities, and
then patching their own vulnerable services.
Teams lose points for service downtime or if their flags are stolen. Teams
gain points for stealing flags from their competitors. At the conclusion the team with the most
points is crowned champion.
There are several skill sets required if one wants to
win: System and network administration,
packet capture and network monitoring, vulnerability research, exploit
development, reverse engineering, and host and network forensics. Participants must bring their own hardware,
software, and personnel. Optionally
teams should consider their own method of Internet access and file transferring
as the game network won’t facilitate this. The game is best played amongst team
sizes of ~5, and VMs will be hosted on your systems during the competition.
Team captains can pre-register for a guaranteed team spot from the following link:
https://goo.gl/WjpjI8
Wireless Village
The BSidesCharm Wireless Capture the Flag (WCTF) is a trip
through the useable RF spectrum. Challenges will involve all of the physics and
RF theory that we have all come to love so much. You will be using tools like
the RTL-SDR, HackRF, BladeRF, your cell phone, and various 802.11 radios.
Although not all are necessary to compete, they will help. The WCTF can be
completed with experience ranging from a little knowledge to a pen-tester's
capability, and $40 to $4000 worth of equipment. Regardless of what you bring,
the key is to read the clues and determine the goal of each step. We teach
along the way, so if you are a N00b, we will help you learn strategies to get
you to competition level. This year we maintain certain aspects of past WCTFs
but are also introducing new challenges. For example, as in past WCTFs, you
will need to sit for a while and hack at crypto and break into networks. But,
unlike past WCTFs, you need to break out your war-walking shoes because you
will be tracking and finding hidden nodes and possibly even remote sites -- and
not all of them will be WiFi. We will also be holding the very popular, RF
Signal Drinking Game. There will be clues everywhere, and we will provide
periodic updates so make sure you pay attention to what's happening at the WCTF
Control Center, on Twitter, the interwebz, etc.
Flags:
Flags will range from transmissions in the spectrum to
pass-phrases used to gain access to wireless access points. Once you capture
the flag, submit it right away because some flags are worth more points the
sooner they are submitted (e.g., timed challenges) and others will be awarded
negative points (e.g., false flags). Offense and defense are fully in play by
the participants, the WCTF organizers, and the Con itself.
Links:
Check out
our websites for tools, what you need, and what to do. Enjoy your journey.
- http://wctf.us
- http://wirelessvillage.ninja
- http://sdr.ninja
|
|
